using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using DAL;
using Model;

public partial class auth : System.Web.UI.Page
{
    public static string path = "";

    protected void Page_Load(object sender, EventArgs e)
    {
        string url = ConfigurationManager.AppSettings["url"].ToString();
        path = Request.QueryString["back"];
        Authenticate(url);
    }

    #region

    protected void Authenticate(string path)
    {
        string uid = "";
        string time = "";
        string firstname = "";
        string lastname = "";
        string mail = "";
        string digest = "";
        string key = "";

        // try to read the digest passed from SAFE
        digest = Request.Params["digest"];

        // if digest exists then user has been authenticated
        if (string.IsNullOrEmpty(digest))
        {
            Response.Redirect(path); // redirect user to SAFE for authenticating 
        }
        else
        {


            uid = Request.Params["uid"];
            time = Request.Params["time"];
            firstname = Request.Params["firstname"];
            lastname = Request.Params["lastname"];
            mail = Request.Params["email"];
            key = ConfigurationManager.AppSettings["key"].ToString();

            string compiledDigest = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(uid + time + key, "MD5");

            string[] times = time.Split(':');


            if (compiledDigest.Equals(digest,StringComparison.OrdinalIgnoreCase) && ValidTime(System.DateTime.Now, Convert.ToDateTime(times[0] + "-" + times[1] + "-" + times[2] + " " + times[3] + ":" + times[4] + ":" + times[5]))) // && System.DateTime.Compare(System.DateTime.Now,Convert.ToDateTime(time))
            {
                Session["uid"] = uid;
                Session["firstname"] = firstname;
                Session["lastname"] = lastname;
                Session["mail"] = mail;
                UserService usc = new UserService();
                User user = new User();
                user.UID = uid;
                user.FirstName = firstname;
                user.LastName = lastname;
                user.Mail = mail;
                usc.CreateUser(user);
                if (!string.IsNullOrEmpty(Request.QueryString["back"]))
                    Response.Redirect(Request.QueryString["back"] + ".aspx");
                else
                    Response.Redirect("Innov.aspx");
            }
            else
            {
                Response.Redirect("html/Error.htm");
            }
        }
    }

    protected bool ValidTime(DateTime first, DateTime second)
    {
        TimeSpan result = first - second.Add(new TimeSpan(8,0,0));
        if (result.TotalMinutes < 5.0)
            return true;
        else
            return false;
    }

    #endregion
}
